Security Vulnerabilities - CVEs Published In December 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Harper harper allows PHP Local File Inclusion.This issue affects Harper: from n/a through <= 1.13.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Greeny greeny allows PHP Local File Inclusion.This issue affects Greeny: from n/a through <= 2.6.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rentic rentic allows PHP Local File Inclusion.This issue affects Rentic: from n/a through <= 1.1.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Smash smash allows PHP Local File Inclusion.This issue affects Smash: from n/a through <= 1.7.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Catwalk catwalk allows PHP Local File Inclusion.This issue affects Catwalk: from n/a through <= 1.4.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Plan My Day planmyday allows PHP Local File Inclusion.This issue affects Plan My Day: from n/a through <= 1.1.13.
CVSS Score
8.1
EPSS Score
0.002
Published
2025-12-18
Improper access checks in M-Files Server before 25.12.15491.7 allows users to download files through M-Files Web using Web Companion despite Print and Download Prevention module being enabled.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-18
Memory corruption while handling concurrent memory mapping and unmapping requests from a user-space application.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
CVSS Score
9.0
EPSS Score
0.0
Published
2025-12-18
Memory corruption while loading an invalid firmware in boot loader.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18